Hey everyone! I previously had the official Nextcloud plugin running on my Truenas Core box, but upon updating it seems to have broken the whole instance (apparently a common occurrence with the official plugin).
Rather than trying to troubleshoot the poorly supported and seemingly largely abandoned plugin, I'm taking the opportunity to go through Samuel Dowling's fantastic guide on a manual jail installation and configuration, to start up a new Nextcloud from scratch, and hopefully gain a better understanding.
There were some hiccups, but now it's nearly there and working nicely. I have two main problems so far:
Problem 1 - DNS redirecting to IP
When I attempt to visit my domain name:
cloud.example.com
It reverts to the local IP of the jail:
I'm using a reverse proxy, so this results in a timeout. To access the site without a timeout, I have to specifically use a URL with a nextcloud page.
For instance:
cloud.example.com/login or cloud.example.com/apps
In my NC Security overview, I have this message which could be related;
I've checked my config file again and again, going over every option and possibility I can imagine (with my limited experience). But as far as I can tell, the config is ok.
The only possibility I can think of are these settings
Which I've added to enable the "Pretty URLs" feature to remove the ugly index.php/ on all the URLs. But I'm not sure if this is the cause or not.
Problem 2 - unable to access from the LAN
This is not necessarily related to the new jail install, but it's an annoying problem that's just popped up.
I recently got a new modem at the behest of my ISP, and upon installing it I found I could no longer access NC from my desktop, which is connected to the Truenas via a 10g switch.
I was pretty confident that it’s a NAT loopback/hairpin routing issue. But the weird thing is that I can access Nextcloud from every device except my desktop when on Ethernet (I've tried laptop and phone and they both connect).
I'm not super familiar with this so I'm not sure if this is expected behavior. If it's a hairpinning thing I would've thought being on wifi would make no difference as long as it's on the same internal network, but lo and behold, disabling my nic and enabling wifi allows the desktop to connect just fine (also the ethernet works when I turn my VPN on).
What's the deal with this?
Thanks for sticking with the long post. If anyone has thoughts or suggestions I'd be super grateful. Thanks!
Rather than trying to troubleshoot the poorly supported and seemingly largely abandoned plugin, I'm taking the opportunity to go through Samuel Dowling's fantastic guide on a manual jail installation and configuration, to start up a new Nextcloud from scratch, and hopefully gain a better understanding.
There were some hiccups, but now it's nearly there and working nicely. I have two main problems so far:
Problem 1 - DNS redirecting to IP
When I attempt to visit my domain name:
cloud.example.com
It reverts to the local IP of the jail:
https://192.168.0.10/login
I'm using a reverse proxy, so this results in a timeout. To access the site without a timeout, I have to specifically use a URL with a nextcloud page.
For instance:
cloud.example.com/login or cloud.example.com/apps
In my NC Security overview, I have this message which could be related;
The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud
I've checked my config file again and again, going over every option and possibility I can imagine (with my limited experience). But as far as I can tell, the config is ok.
<?php
$CONFIG = array (
'instanceid' => 'redacted',
'passwordsalt' => 'redacted',
'secret' => 'redacted',
'trusted_domains' =>
array (
0 => '192.168.0.10',
1 => 'cloud.example.com',
),
'datadirectory' => '/mnt/data',
'dbtype' => 'mysql',
'version' => '26.0.2.1',
'overwrite.cli.url' => 'https://cloud.example.com',
'htaccess.RewriteBase' => '/',
'dbname' => 'nextcloud',
'dbhost' => 'localhost:/tmp/mysql.sock',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextcloud_admin',
'dbpassword' => 'redacted',
'installed' => true,
'default_phone_region' => 'US',
'trusted_proxies' =>
array (
0 => '192.168.0.11',
),
'overwriteprotocol' => 'https',
'redis' =>
array (
'host' => '/var/run/redis/redis.sock',
'port' => 0,
),
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
The only possibility I can think of are these settings
'overwrite.cli.url' => 'https://cloud.example.com',
'htaccess.RewriteBase' => '/',
Which I've added to enable the "Pretty URLs" feature to remove the ugly index.php/ on all the URLs. But I'm not sure if this is the cause or not.
Problem 2 - unable to access from the LAN
This is not necessarily related to the new jail install, but it's an annoying problem that's just popped up.
I recently got a new modem at the behest of my ISP, and upon installing it I found I could no longer access NC from my desktop, which is connected to the Truenas via a 10g switch.
I was pretty confident that it’s a NAT loopback/hairpin routing issue. But the weird thing is that I can access Nextcloud from every device except my desktop when on Ethernet (I've tried laptop and phone and they both connect).
I'm not super familiar with this so I'm not sure if this is expected behavior. If it's a hairpinning thing I would've thought being on wifi would make no difference as long as it's on the same internal network, but lo and behold, disabling my nic and enabling wifi allows the desktop to connect just fine (also the ethernet works when I turn my VPN on).
What's the deal with this?
Thanks for sticking with the long post. If anyone has thoughts or suggestions I'd be super grateful. Thanks!